KPMG Fraud Survey (Ch3)

8/8/2019 KPMG Fraud Survey (Ch3)

1/38

ADVISORY

FORENSIC

Profile of a FraudsterSurvey 2007


2/38


3/38

Profile of a Fraudster Survey 2007 1

1 Introduction 2

2 Methodology 5

3 Executive Summary 6

4 Fraudster Facts & Figures 10

4.1 Personal Details 10

4.2 Fraud Details 16

4.3 Other Circumstances 24

5 Fraud Management within the Company 28

6 Company Facts & Figures 31

6.1 Branch of victims organization 31

6.2 Company size 32

7 Europe, Middle East and Africa Contacts 34

Content

2007 KPMG Holding, the Swiss member firm of KPMG International, a Swiss cooperative. All rights reserved.


4/38

2 Profile of a Fraudster Survey 2007

Who commits fraud?

Why do people commit fraud?

At first glance, an average fraudster1 is not much different from an average

person. Consequently, it is often extremely difficult to detect fraudulent acts.

But upon reflection, the following circumstance must be considered: Why are

people often caught unaware when somebody is accused of fraud? Because it

is usually the colleague who is known to be helpful, polite and inconspicuous.

But most importantly it is the colleague that enjoys the absolute trust of both

superiors and colleagues.

This fact highlights the importance of recognizing trust as a main risk factor,

making it all the more crucial for management to exercise a well-considered

balance between trust and control.

This insight does not answer the original question and should not lead to the

assumption that each trusted employee is a potential fraudster; rather it leads

to the question:

From a theoretical point of view there are three important factors concernedwith committing fraud: opportunity, motive, and rationalization, also known as

the fraud triangle.

Opportunitygenerally occurs through weaknesses in the internal controls and

creates an atmosphere where fraudsters believe they are likely to be successful

and undetected. Therefore companies primarily focus their prevention efforts on

this aspect of the fraud triangle by enforcing certain types of controls and by

implementing effective fraud risk management policies. Trust, however, though

important in business often becomes the door opener for fraudsters.

Motiveoften develops from financial pressure resulting from a fraudsters

excessive life style, or from the gap between the financial remuneration earned

and the responsibility held by the individual, or pressure to meet financial targets,

or the superiority complexes of the individual or basic greed.

Rationalization is the fraudsters internal dialogue that provides the self justification

for his actions. The fraudster convinces himself /herself that he/she is owed this

remuneration by the employer.

1 Introduction

1 The term fraudster in this survey is used as an non-technical term, not limited to those perpetrators who committed

fraud in a legal sense, but to white-collar crime in general.



5/38


Insight, awareness & recognition

Turn expertise into added value

Profile of a Fraudster Survey

Becoming aware of the above mentioned facts, gaining insight into the motivations

of a fraudster and recognizing the enormous threat every company is exposed to

are the first important steps in establishing and implementing an effective and

sustainable fraud risk management system.

The aim of this survey is to combine theory with practicality. KPMGs Forensic

professionals offer extensive knowledge and experience gained over decades,

in organizations of all sizes, in various branches, in diverse geographical regions

and encountering all types of fraudsters.

By basing the KPMGs Profile of a Fraudster Survey 2007 on hundreds of actual

region (Europe, Middle East and Africa), the results reveal a comprehensive profile of

those who commit fraud, the conditions in which fraud takes place and the resulting

actions. This survey is not strictly representative in the statistical-mathematical

sense because it solely covers the reported profiles and only those investigated by

KPMG. Despite this fact it is unique for two reasons. First, it is significant that thissurvey focuses on the perpetrator. Second, it is extraordinary because it is based

on actual fraud investigations and not on voluntary self declarations of interviewed

organizations. The result is an overall profile of the perpetrator within the context

of the environment in which he operated and the circumstances in which he was

located and acted.

The results paint an interesting and instructive picture of the typical fraudster. In

eighty-nine percent of the profiles, the fraudsters committed fraudulent acts against

their own employers. In twenty percent of these profiles, an external perpetrator

was involved. Interestingly, the tenure of employment does not have a positive

influence rather the contrary: more than fifty percent of offenders have been with

their company for more than six years. In sixty-eight percent of profiles fraudsters

acted independently. In only five percent of profiles more than five people were

involved. In ninety-one percent of profiles perpetrators were not content with one

fraudulent act, but acted multiple times often over a period of several years.

Lone operators represent the greatest white collar crime risk for companies. The

survey results indicate that two thirds of all primary internal perpetrators are

members of the top management. This finding highlights a significant risk, based

on the concept of trust, as company executives are privy to highly confidential

information and have the potential to cause the most harm to the organization.

fraud investigations conducted by KPMG Forensic departments within the EMA



6/38


The findings reinforce the notion that the overriding motivations for white-collar

crime are greed, opportunity and the pressure to meet budgets and targets. The

last two reasons particularly should ring a warning bell and raise the awareness

of employers, because they provide at least one aspect of the fraud triangle and

offer a reason for a second one.

Pablo Bernad Ramoneda

Partner, Regional Chairman Forensic Europe, Middle East and Africa (EMA)



7/38


Approach

Information concerning details of fraud investigations conducted by forensic

departments of KPMG in Europe, India and the Middle East and South Africa

(EMA) over the past few years was gathered through an online questionnaire.

The survey reveals the following information:

fraudster profile including personal details and information regarding the

fraudulent acts.

conditions for enabling the fraudulent acts and the surrounding factors.

follow-up actions by fraud victims.

General Conditions

Out of several hundred fraud investigations conducted by Forensic EMA in the last

few years only profiles of white collar crimes and profiles with clearly identifiable

fraudsters were included in the survey.

Excluded were those fraudulent acts considered to be of no material value, profiles

of misconduct or where the suspected fraud could not be substantiated in thecourse of the investigation and profiles where a certain amount of requested details

could not be provided.

360 profiles were selected for analysis.

All mentioned figures are percentages and all amounts refer to the currency Euro

(EUR).

2 Methodology



8/38


Personal details

70 percent of fraudsters were between the ages of 36 and 55 years old.

85 percent of perpetrators were male.

In 68 percent of profiles the perpetrator acted independently.

In 89 percent of profiles the fraudsters were employees committing fraudulent

acts against their own employer, whereas 20 percent involved complicity with

an external perpetrator, resulting in the conclusion that in only 11 percent of all

profiles the companies were attacked purely by externals.

Members of senior management (including board members) represent 60

percent of all fraudsters. An additional 26 percent of profiles involve management

level persons bringing the total to 86 percent of profiles involving management.

This result highlights a risk that every company faces: executives are entrusted

with sensitive company information and yet are also often in a position to

override internal controls.

In 36 percent of profiles the perpetrator worked for their company for 2-5 years

before committing fraud. In 22 percent of profiles the fraudulent employees

registered more than 10 years of service at the victims organization. In just13 percent of profiles the fraudster was with the company for less than 2 years

prior to committing fraudulent acts.

The internal fraudster most often works in the finance department followed

by operations/sales or as the CEO.

Fraud details

Misappropriation of money was revealed as the most common type of fraud.

In 83 percent of profiles the fraudsters acted nationally and not internationally.

91 percent of perpetrators did not stop at one single fraudulent transaction but

rather performed multiple fraudulent transactions; every third perpetrator acted

more than 50 times.

A total loss of 1 million EUR and more per fraudster and profile was caused by

every second fraudster in Europe, by almost every third perpetrator in South

Africa and by every fourth offender in India and the Middle East.

In 24 percent of profiles the timeframe for perpetrating fraudulent acts was

less than 1 year. In 67 percent of profiles fraudsters acted within a timeframe

between 1 year and 5 years until they were exposed or stopped their fraudulent

activities. This result generates questions concerning the effectiveness and the

quality of existing internal controls: why were they not able to discover or stop

fraudulent acts within the recurring standard controls in more than two thirds

of all profiles?

Fraudster facts and figures

3 Executive Summary



9/38


Psychological & additional circumstances

Greed and opportunity (when taken together account for 73 percent of profiles)

are indicated to be the overriding motivations for fraud.

No prior suspicion existed in more than half of the profiles, but in 21 percent

of profiles the companies did not act, even though there was prior suspicion.

This raises many questions. Such as, are we, as a society too trusting and

unwilling to investigate unless the facts are overwhelming?

Perpetrators were able to commit fraud by primarily exploiting weak internal

controls, in 49 percent of profiles.

Fraudsters were mainly detected by whistle blowers or management reviews

(accumulated 46 percent).

Fraud management within the concerned organization

In 50 percent of profiles companies did not communicate the details of the fraud

within the organization. In 15 percent of profiles companies revealed information

concerning the fraudulent acts only selectively.

Besides the external investigation conducted by KPMG the companies mainlycarried out internal investigations, took disciplinary or legal actions and/or involved

the police. Only in 2 percent of all profiles, the companies took no additional

action or sanction.

Company facts & figures

All sectors are almost equally affected by white-collar crime, except for the

chemicals, pharmaceuticals & biotech sector, which appear to be less impaired.

In Europe in half of the profiles the turnover of the companies that suffered

damage, was less than 50 million EUR. While in South Africa it was 63 percent.

In India and the Middle East the companies with a turnover of less than 50

million EUR and between 50 and 500 million accounted for 34 percent each.



10/38


Just as the fraud triangle tries to explain the causes of fraud using three headings

we also see the mitigating factors in the three areas: prevention, detection and

response.

Prevention

A comprehensive fraud and misconduct risk assessmenthelps management

understand their business unique risks, identify gaps or weaknesses in their

controls and develop a plan for targeting the right resources and controls.

A well-implemented code of conduct is one of the most important mechanisms

to communicate with employees about acceptable business standards and to

raise awareness of managements commitment to integrity.

An appropriate employee and third party due diligenceis an important part of

an effective fraud and misconduct prevention strategy, especially for positions

with authority over the financial-reporting process.

A carefully planned communications and training program will raise employee

awareness of their obligations concerning fraud and misconduct controls.

Detection

Hotlinesprovide employees and third-parties with a way to report possible fraud

and misconduct and to seek advice when the appropriate course of action is

unclear.

Auditing and monitoring plansbased on the organizations fraud risk assessment

process gives higher risk issues priority and facilitates fraud and misconduct

detection more effectively.

Proactive forensic data analysistools such as sophisticated analytic testing,

computer-based cross matching, and non-obvious relationship identification

can help identify potential fraud and misconduct that otherwise would remain

unnoticed by management, possibly for years.

Mitigating factors



11/38


Response

A thorough and well-planned internal investigation should be conducted when

information relating to actual or potential fraud or misconduct is uncovered.

A disciplinary system detailing enforcement and accountability protocols is key

to effectively deterring fraud and misconduct and signaling that managing fraud

and misconduct risk is considered a top priority.

Public disclosure of fraud and misconductshould be considered for combatting

or preempting negative publicity, demonstrating good faith and assisting in

putting the matter to rest.

Remedial actions should be taken once fraud or misconduct has been

discovered, e.g.

voluntarily disclose the results of the investigation to a regulator or other

relevant body

remedy the harm caused

examine the causes to help ensure that risk is mitigated

discipline those involved as well as those in management positions who failed

to prevent or detect such events communicate to employees that management took appropriate, responsive

action.

These mitigating factors are extensively covered in KPMG Fraud Risk Management

White Paper, Developing a Strategy for Prevention released on 6 November, 2006.



12/38


This survey provides a comprehensive overview of a fraudsters profile including

personal traits, fraudulent act details, conditions surrounding the fraud, company

decisions for dealing with fraudulent acts, and affected company background

information.

4.1 Personal Details

Age of fraudster

In 70 percent of profiles the perpetrators were between the ages of 36 and 55

years old. Frequency of fraudulent acts committed by people between the ages

of 26 and 35 is similar to those acts committed by people over 55 years old.

4 Fraudster Facts & Figures

older than 55 years old

46 55 years old

36 45 years old

26 35 years old

18 25 years old

13%

31%

39%

14%

3%

0% 5% 10% 15% 20% 25% 30% 35% 40%



13/38


Gender of fraudster

In 85 percent of profiles fraudsters were male. However, female perpetrators are

not to be ignored. This statistic could be influenced by womens under-representationin management positions and therefore more limited access to sensitive information

than their male colleagues. Significantly, women participated as a conspirator in

every fourth profile where a conspirator was involved.

Number of fraudsters

In 68 percent of profiles the perpetrator acted independently. In 27 percent of

profiles, perpetrators acted in groups of two to five conspirators. A group of more

than five perpetrators only acted in 5 percent of all profiles.

0% 10% 20% 30% 40% 50% 60% 70%

more than 5

2 5

1

5%

27%

68%

male

female

87%

13%15%

85%



14/38


Fraudsters relationship to the organization that suffered damages

In 89 percent of profiles the company concerned was damaged by its own

employees. In 20 percent of these profiles the employee acted together withan external perpetrator. Only in 11 percent of profiles were external individuals

solely responsible for fraudulent acts. Results reveal that employees represent

the greatest risk for the perpetration of white collar crime.

In the following sections a closer look is taken at these two groups and detailed

information is provided on employees that damaged their own employers (internal

fraudster) as well as those that caused damage to a company as external

fraudsters.

Internal fraudster seniority

According to this survey 86 percent of fraudsters held management positions

and 60 percent of these persons belonged to senior management and/or board

of directors. The inherent responsibilities, trust associated with these positions,ability to override internal controls, internal knowledge and access to confidential

staff

management

senior management

board member

14%

26%

49%

11%

0% 10% 20% 30% 40% 50%

internal

external

collusion between internal and external

70%

10%

20%20%

11%

69%



15/38


company information that come with a management position are essential for a

companys success, but also create a risk that fraudulent acts may occur.

Internal fraudster years of service at the victims organization

Employee tenure, is it a mitigating or contributing factor affecting the probabilityof fraudulent acts occurring?

Only 13 percent of the internal perpetrators involved with this survey commit fraud

within the first two years of working with their company and only 4 percent

acted within their first year of employment. Most fraudulent acts are committed

by employees who have been working with a company for more than two years.

In 36 percent of profiles they stayed with the company between 3 to 5 years and

in an additional 29 percent of profiles they were employed between 6 and 10

years. Results reveal that the tenure of employment does not seem to influence

an employees loyalty. In 22 percent of profiles employees committed fraud against

their company even after 10 years and more of employment.

These results also raise the question of whether or not some new employees join

an organization with the intent to commit fraud or if they only develop the criminal

inclination once they have gained the trust of their colleagues and superiors and

have identified weaknesses in internal controls and opportunities for fraud within

the company.

more than 10

6 10

3 5

1 2

less than 1

22%

29%

36%

9%

4%

0% 5% 10% 15% 20% 25% 30% 35% 40%



16/38


Internal fraudster department/ function

Perpetrators most commonly worked in the finance (36 percent) or operations/sales (32 percent) departments or, as CEO (11 percent). Notably also members of

the board are reported to belong to the group of fraudsters, but only in a small

number of profiles. Nearly all other areas are also affected but play a less important

role.

The access to and responsibilities for accounts, cash, checks, financial reports and

credit lines offer a significantly higher opportunity for committing and concealing

fraudulent acts than for employees working in other departments. In the finance

department, two thirds of fraudulent acts occur within the controlling departments

and one third of fraudulent acts occur in accounting. Although procurement and

production departments are also said to be vulnerable, these departments were

involved in less than 10 percent of profiles in this survey.

0% 5% 10% 15% 20% 25% 30% 35% 40%

legal

board member

back office

procurement

CEO

operations/ sales

finance

research & development

2%

2%

5%

9%

11%

32%

36%

3%



17/38


External fraudster relationship to victims organization

With regards to the relationships external perpetrators have towards the organization

they damaged, the results show that nearly all possibilities are represented

although they are mainly suppliers, customers and subcontractors. As invoices

and credit lines are involved in the relationships between a company and theirsuppliers and customers, there is an increased opportunity for fraud to occur.

Analysis of the conspirators was also conducted in the same manner as the

primary perpetrators. The results indicate that accomplices motivations and

profiles are almost identical to the primary perpetrators.

joint venture partner

shareholder/ stockholder

consultant

subcontractor

4%

6%

10%

19%

customer

supplier

26%

35%

0% 5% 10% 15% 20% 25% 30% 35% 40%



18/38


4.2 Fraud Details

In the following section the survey focuses on another facet of a fraudsters profile:

the offence committed by him. How did he proceed? What was the damage he/she

caused?

Number of fraudulent acts/transactions per fraudster and profile

The following two charts provide information about the number of times the

perpetrators acted was it more common to commit one act or to separate their

acts into a multitude of fraudulent transactions?

Single or multiple acts/transactions

In 91 percent of profiles the perpetrators did not leave it at one single fraudulent

act, but committed repeated acts of fraud.

We examined how many fraudulent transactions the perpetrators committed in

detail:

multiple acts / transactions

single act / transaction

87%

13%9%

91%



19/38


Quantity of acts/transactions

35 percent of fraudsters acted less than 10 times, an additional 33 percent

carried out between 10 and 49 fraudulent transactions and 17 percent acted more

than 100 times. Consequently: in more than 65 percent of profiles the fraudsters

embezzled, stole, deceived, bribed or misappropriated at least 10 times and everythird perpetrator acted more than 50 times.

Amount per individual fraudulent act/transaction in Europe

more than 1,000

100 999

20 49

10 19

less than 10

50 99

5%

12%

19%

14%

35%

15%

more than 2 million

1 to 2 million

500 999999

200 499999

12%

4%

6%

10%

100 199999

50 99999

25 49999

10 24999

9%

8%

8%

14%

1 9999

less than 1000

19%

10%

0% 5% 10% 15% 20% 25% 30% 35%

0% 5% 10% 15% 20% 25% 30% 35% 40%



20/38


Amount per individual fraudulent act/transaction in South Africa

Amount per individual fraudulent act/transaction in India and the Middle East

In Europe, India and the Middle East, the loss amount per fraudulent transaction

was valued between 1,000 to 25,000 EUR (33 percent and 38 percent respectively).

Beyond this, in Europe, results also show a large number of fraudulent transactions

valued at over one million EUR (16 percent).

more than 2 million

1 to 2 million

500 999999

200 499999

3%

0%

5%

16%

100 199999

50 99999

25 49999

10 24999

0%

14%

5%

11%

1 9999

less than 1000

27%

19%

more than 2 million

1 to 2 million

500 999999

200 499999

7%

2%

2%

1%

100 199999

50 99999

25 49999

10 24999

13%

7%

7%

4%

1 9999

less than 1000

24%

33%

0% 5% 10% 15% 20% 25% 30% 35%

0% 5% 10% 15% 20% 25% 30% 35%



21/38


In South Africa, the amount per fraudulent transaction was most commonly less

than 1,000 EUR (33 percent), followed by a value between 1,000 and 25,000 EUR

(28 percent). Additionally in this region almost every tenth fraudulent act amounted

to over one million EURO.

Total loss per profile

Besides the indirect and immaterial damages, which are difficult to measure or

assess, the figures presented in the following two charts focus on the direct total

financial loss caused by each fraudster and/or profile.

Total loss in EMA

The figures reveal that in 42 percent of profiles the total loss per profile is more than

1 million EUR, but also the category less than 50,000 EUR shows a not insignificant

number. To gain a clearer and more detailed overview and to consider the different

cultures and regional conditions the figures have been split up into the three regions:

Total loss in Europe

0% 5% 10% 15% 20% 25% 30% 35%

more than 10 million

1 10 million

500 999999

10%

32%

7%

100 499999

less than 50000

50 99999

21%

18%

12%

0% 5% 10% 15% 20% 25% 30% 35% 40% 45%


1 10 million

500 999999

11%

38%

7%

100 499999

less than 50000

50 99999

25%

8%

11%



22/38


Total loss in South Africa

Total loss in India and the Middle East

The total financial direct loss caused by fraudsters and/or per profile and divided

into the three regions is as follows: In South Africa, India and the Middle East

the total loss per profile is predominantly less than 50,000 EUR (42 percent and

30 percent), this amount plays only a secondary role in Europe (8 percent), where

most total losses are in the range of 1 to 10 million EUR (38 percent). Regarding

the loss of more than 10 million EUR, India and the Middle East is the region with

the greatest number of such losses (15 percent).

A loss of 1 million EUR or more was caused by almost every second fraudster in

Europe (49 percent) , by almost every fourth perpetrator in South Africa and in

India and the Middle East.

0% 5% 10% 15% 20% 25% 30% 35% 40% 45%


1 10 million

500 999999

3%

24%

4%

100 499999

less than 50000

50 99999

12%

42%

15%

0% 5% 10% 15% 20% 25% 30% 35% 40% 45%


1 10 million

500 999999

15%

10%

20%

100 499999

less than 50000

50 99999

15%

30%

10%



23/38


Timeframe duration from first to last act/transaction or to discovery

In 24 percent of profiles the fraudsters extended their fraudulent acts over or

were discovered within a period of less than 1 year. In other words: in more than

three quaters of all profiles the existing internal controls seemed to be insufficient

to detect the fraud within their normal and yearly scheduled routine.

In 34 percent of profiles the perpetrator committed multiple fraudulent acts within

the timeframe of 1 to 2 years and in 33 percent of profiles the fraudulent acts lasted

over a period of 3 to 5 years. Additionally, almost every tenth offender was able to

act for more than 5 years on only detected ofter 5 years. These results highlight

the fact that perpetrators were able to continue committing fraudulent acts over

a long period of time without detection and hence emphasizes the need for action

in the area of fraud risk management.

more than 10 years

6 10 years

1 2 years

less than 1 year

3 5 years

3%

6%

34%

24%

33%

0% 5% 10% 15% 20% 25% 30% 35%



24/38


Location of fraud

In 83 percent of profiles the perpetrators acted on a national basis. These results

could imply that even during this era of globalization and worldwide networks,fraudsters tend to limit their fraudulent acts to local rather than multinational

environments.

Type of fraud in Europe

national

international

87%

13%17%

83%

counterfeit

insider trading

money laudering

1%

1%

2%

breach of secrets

other fraud

embezzlement

2 %

theft of other assets

false financial reporting

9%

10%

10%

theft of cash

corruption

20%

22%

23%

0% 5% 10% 15% 20% 25% 30% 35%



25/38


Type of fraud in South Africa

Type of fraud in India and the Middle East

Due to the various jurisdictions involved in this survey, the different types of fraud

were broken down by regions. Results indicate that theft of money and other

assets was the leading fraudulent act committed by the perpitrators. Additionally,

false financial reporting, embezzlement and kickbacks were also significantly

common types of fraud that fraudsters committed.

counterfeit

insider trading

embezzlement

1%

1%

1%

breach of secrets

money laudering

3%

5%

corruption


24%

6%


other fraud

theft of cash

15%

19%

25%

0% 5% 10% 15% 20% 25% 30% 35%

counterfeit

embezzlement

1%

5%

corruption

other fraud


33%

10%

10%


theft of cash

17%

24%

0% 5% 10% 15% 20% 25% 30% 35%



26/38


4.3 Other Circumstances

Fraudsters overriding motivation

In nearly half of the profiles, the overriding motivation for committing fraud was

greed: perpetrators committed fraud to increase their financial position, power

and/or influence. Taking advantage of an opportunity was the second most common

fraud motivator and meeting the preset budget / target and hiding losses the third.

What leads a person to become a criminal, to betray someones trust and to

jeopardize his job, career and future? Is this only a result of education and character

or are there additional factors influencing this attitude and behavior? Damaged

companies should particularly question if their company culture and ethical concept

are intact or may rather have provided an appropriate contribution in supporting

negative intrinsic motivations.

0% 5% 10% 15% 20% 25% 30% 35% 40% 45% 50%

risk of losing ones job

personal vices weakness

lack of personal development

3%

4%

4%

conflicts of interest

meeting budget / target; hiding losses

4%

12%

greed

opportunity

47%

26%



27/38


Conditions that enabled the fraudsters to act

Perpetrators primarily exploited weak internal controls. Additionally, fraudulent

acts occurred as a result of perpetrators abusing trust gained from managers andcolleagues.

These results highlight the difficult but essential balance that effective internal

controls must strike. Sufficient controls must be strong enough to protect company

assets but flexible enough to allow business to be conducted efficiently. The fact

that in 42 percent of profiles fraud was repeatedly committed over long periods of

time indicates that for companies with established internal controls there is still

room to further improve their fraud protection mechanisms.

According to the survey results, most fraudsters did not misuse existing controls,

but rather took advantage of insufficient controls in nearly half the profiles. This

result should raise questions about the quality of the companies current fraud

risk management policies in place as well as highlight the need for improvement.

weak internal controls

collusion

abuse of controls

70%

10%

20%

36%

15%

49%



28/38


Fraudster detected by

Anonymous tips (whistle blowers) provided the primary source for detection of

fraudulent acts. Additionally, management review often led to the detection of fraud.

Only 10 percent of all profiles were detected by internal controls. This statement

becomes more significant when put into context with the results concerning the

conditions allowing the fraud to occur.

While they may not get their hands dirty committing fraud, white collar criminals do

leave traces behind. Appropriate follow up of specific fraud warnings and warning

signs allows companies to lessen their damages.

confession of perpetrator

negligence of perpetrator

complaints by suppliers

2%

2%

4%

accidently

complaints by customers

suspicious superior

8%

9%

9%

internal controls

external controls

management review

10%

10%

21%

whistle blowing 25%

0% 5% 10% 15% 20% 25%



29/38


Prior suspicion

In 55 percent of profiles no prior suspicion existed. Notably, in 21 percent of

profiles, prior suspicion existed but no follow up action was taken. These resultsrepresent a lost opportunity for these companies to mitigate their damages.

no prior suspicion

prior suspicion not acted on

prior suspicion acted on

70%

10%

20%

55%

21%

24%



30/38


Communication

In half of the profiles the offense was neither published nor communicated within

the affected company. In 15 percent of profiles the offense was published selectively,meaning either by informing only a select group of people, such as the board, the

audit committee, top management, the involved department, and /or by providing

only limited and restricted information.

These results raise the issue surrounding affected companies consideration of

the possibility of fraud occurring and their response. An effective ethics and

integrity system could have anticipated and planned for such situations. Training

and monitoring of ethics and integrity could have diminished the circumstances

that gave rise to the fraud risk and created a planned response. Tone at the top

and zero tolerance are terms that need to be applied, trained and monitored.

It is critical for companies to have effective policies for following up after

experiencing or suspecting fraudulent behavior and these should include

internal and external communication.

5 Fraud Management within theCompany

no

yes, but only selective

yes

70%

10%

20%

50%

15%

35%



31/38


Follow up actions

Besides the external investigation conducted by KPMG the companies also carriedout internal investigations, took disciplinary or legal actions and /or involved the police.

Results revealed that the leading follow up actions were internal investigations,

disciplinary actions and the involvement of police and law. Only in 2 percent of all

profiles did the companies take no additional action or sanctions.

no action or sanction

settled out of court (e.g. acknowledgement of debt)

settled before the courts

2%

4%

5%

voluntary resignation/ retirement

civil recovery

police/ law involvement

11%

12%

20%

disciplinary action

investigation internal

21%

25%

0% 5% 10% 15% 20% 25%



32/38


Asset recovery

Prevention of fraudulent acts is the best strategy to protect a company and itsassets. What are the next steps, if the company has already been damaged? While

it is possible to recover stolen assets, it often takes a considerable amount of time

and effort on the part of the organization. Results showed that in 16 percent of

profiles companies recovered stolen funds. However, in 34 percent of profiles, due

to the difficulties of recovering stolen assets, especially with regard to the duration

of court proceedings, this issue is still ongoing. In half of the profiles the assets have

not been recovered.

no

yes

issue is still on going

70%

10%

20%

50%

16%

34%



33/38


6.1 Branch of victims organization

Branch of victims organization in Europe

Branch of victims organization in South Africa

6 Company Facts & Figures

chemicals, pharmaceuticals & biotech

consumer markets

financial services

information, communication & entertainment

industrial markets

infrastructure, government & health care

4%

15%

16%

17%

19%

29%

0% 5% 10% 15% 20% 25% 30% 35% 40% 45% 50%


consumer markets

financial services

industrial markets



2%

6%

6%

17%

21%

48%

0% 5% 10% 15% 20% 25% 30% 35% 40% 45% 50%



34/38


Branch of victims organization in India and the Middle East

Based on this survey all sectors in Europe are almost equally affected. The

infrastructure, government & health care sector, ranked first with 29 percent

while the other sections representing second place and following only show a

marginal difference at 15 19 percent.

In South Africa, fraud is most commonly committed in the infrastructure,

government & health care sector, and followed by the information, communication

and entertainment sector. The financial services (6 percent), consumer markets

(6 percent) and chemicals pharmaceuticals & biotech sector (2 percent) are affected

less often.

In India and the Middle East fraud is most likely to occur in the information,

communications and entertainment sectors and in the industrial markets. Here

also the financial sector is the target of fraudulent activities (20 percent).

6.2 Company size

Company size in Europe


consumer markets


financial services

industrial markets


2%

11%

15%

20%

26%

26%

0% 5% 10% 15% 20% 25% 30% 35% 40% 45% 50%

more than 1 billion

500 million 1 billion

50 500 million

less than 50 million

23%

5%

22%

50%

0% 10% 20% 30% 40% 50% 60% 70%



35/38


Company size in South Africa

Company size in India and the Middle East

The assumption that fraudulent acts primarily occur in large corporations could not

be confirmed by the survey results. In fact, they show that small to medium size

companies are also at risk. In Europe, in half of the profiles, the turnover was

less than 50 million EUR. In South Africa it was even 63 percent.

In India and the Middle East the companies with a turnover of less than 50 million

and between 50 and 500 million were affected similarly (in total amounting to 68

percent).

In all three regions the categories were affected the most and the middle-ranking

sizes were under represented; whereas in Europe, India and the Middle East the

companies with a turnover of more than 1 billion EUR were again more affected.

more than 1 billion


50 500 million


8%

8%

21%

63%

0% 10% 20% 30% 40% 50% 60% 70%

more than 1 billion


50 500 million


21%

11%

34%

34%

0% 10% 20% 30% 40% 50% 60% 70%



36/38


KPMG in Austria

Gert Weidinger

Tel. +43 732 6938

[email protected]

KPMG in Belgium

Els Hostyn

Tel. +32 (0) 2708 4362

[email protected]

KPMG in Central and Eastern Europe

Jimmy Helm

Tel. +420 222123 430

[email protected]

KPMG in Denmark

Torben LangeTel. +45 3818 3184

[email protected]

KPMG in France

Jean-Luc Guitera

Tel. +33 (0) 1 5568 6962

[email protected]

KPMG in Germany

Dieter John

Tel. +49 221 2073 1575

[email protected]

KPMG in India

Deepankar Sanwalka

Tel. +91 124 2549111

[email protected]

KPMG in Ireland

Andrew Brown

Tel. +353 410 11 47

[email protected]

KPMG in Italy

Gabriella Chersicla

Tel. +39 02 6763 2440

[email protected]

KPMG in Luxembourg

Eric CollardTel. +353 2 2 51 51 240

[email protected]

KPMG firms in the Middle East

Colin Lobo

Tel. +971 (6) 517 0724

[email protected]

KPMG in the Netherlands

Rens Rozekrans

Tel. +31 20 656 7781

[email protected]

KPMG in Russia

Ian Colebourne

Tel. +7 495 937 2524

[email protected]

KPMG in South Africa

Petrus Marais

Tel. +27 214 087 022

[email protected]

KPMG in Spain

Pablo Bernad

Tel. +34 91 456 3400

[email protected]

KPMG in Sweden

Martin KrugerTel. +46 (0) 8723 9199

[email protected]

KPMG in Switzerland

Anne van Heerden

Tel. +41 44 249 31 78

[email protected]

KPMG in the UK

Adam Bates

Tel. +44 (0) 20 7311 3934

[email protected]

7 Europe, Middle East and AfricaContacts



37/38


38/38

kpmg.com

2007 KPMG International. KPMG International

is a Swiss cooperative. Member firms of the

KPMG network of independent firms are affiliatedi h KPMG I i l KPMG I i l

The information contained herein is of a general nature and is not intended to address the circumstances of

any particular individual or entity. Although we endeavor to provide accurate and timely information, there

can be no guarantee that such information is accurate as of the date it is received or that it will continue to bei h f N h ld h i f i i h i f i l d i f

Documents

KPMG Fraud Survey (Ch3)